09ce722f2c0058d0bcbc59e27d05350b

General

Target

09ce722f2c0058d0bcbc59e27d05350b
Size

211KB
MD5

09ce722f2c0058d0bcbc59e27d05350b
SHA1

9a4f01d78cfd2aeb891d4a8c30acfd6a2c174f9d
SHA256

f00f9d7cfcab4000b1c770829eaeb016b0091db6ace1131dd6153df97d58d721
SHA512

3b95e5ff1e296a745518a21ae32af7eeae360a918ff9023d5129c5cf92dbdce404d11525432a687d5c73e3d4ef376c94b585363bd36089a4b611b9fcd3a18b6f
SSDEEP

3072:/xHopSjH+G1WyjkDQVt1O0/LdHlhSE11xYx651mjbYnUmr1DAI:/I0RT7/Za6YomHYn15/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09ce722f2c0058d0bcbc59e27d05350b

Files

09ce722f2c0058d0bcbc59e27d05350b
.exe windows:4 windows x86 arch:x86

6ea0bc11c4b2ae741605a6b91c764e17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

AbortDoc
CopyMetaFileW
CreateCompatibleBitmap
CreateDIBitmap
ExtCreatePen
ExtCreateRegion
ExtFloodFill
FrameRgn
GetDIBColorTable
GetEnhMetaFileHeader
GetROP2
GetTextExtentExPointW
GetTextMetricsW
GetWindowExtEx
InvertRgn
PtVisible
RectVisible
SelectClipPath
SetAbortProc
SetBkColor
SetROP2
SetRectRgn
SetTextJustification
StrokeAndFillPath

user32

CloseClipboard
DeleteMenu
EndPaint
FindWindowA
GetClassNameA
GetScrollRange
GetWindowTextA
InflateRect
SetCapture
SetFocus
TranslateMessage
WaitMessage

shell32

CommandLineToArgvW
ExtractAssociatedIconW
SHAppBarMessage

kernel32

CreateProcessW
DeleteFileA
GetDiskFreeSpaceA
GetExitCodeThread
GetFileSize
GetFileTime
GetModuleHandleW
GetProcAddress
HeapDestroy
IsBadReadPtr
LoadLibraryA
LocalAlloc
SizeofResource

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Q83S5xif
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ea0bc11c4b2ae741605a6b91c764e17

Headers

File Characteristics

Imports

gdi32

user32

shell32

kernel32

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

Q83S5xif Size: 1024B - Virtual size: 120KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

Q83S5xif
Size: 1024B - Virtual size: 120KB